Instead of hardcoding rpId to "rspace.online" (which requires Related
Origins support), derive the RP ID from the request's Origin header.
Each r* app (rmaps.online, rnotes.online, etc.) now gets its own RP ID
matching its domain, so passkeys work natively without browser support
for Related Origin Requests.
- Added resolveRpId() helper that maps Origin → hostname for allowed origins
- Registration creates passkeys with the caller's domain as RP ID
- Authentication uses the caller's domain as RP ID
- Added rp_id column to credentials table for per-credential RP ID tracking
- rspace.online subdomains still use rspace.online as shared RP ID
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
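
An added example, not the project's own resolveRpId(): one way to derive the RP ID from the Origin header as the commit message above describes, with rspace.online subdomains collapsing to the shared RP ID. The names `resolveRpIdExample` and `credentialUsableFrom`, the allowlist contents, and the choice to return null for unlisted or malformed origins are assumptions.

```javascript
// Hypothetical sketch; the project's resolveRpId() is not shown on this page.
const SHARED_RP_ID = "rspace.online";
// Constructed allowlist for the demo (assumption, not the project's list).
const ALLOWED_ORIGINS = new Set(["https://rmaps.online", "https://rnotes.online"]);

function resolveRpIdExample(originHeader) {
  if (typeof originHeader !== "string") return null;
  let url;
  try {
    url = new URL(originHeader);
  } catch {
    return null; // covers the opaque origin "null" and other unparseable values
  }
  // A browser-sent Origin is exactly scheme://host[:port]. Anything that does
  // not round-trip (path, userinfo, upper case, default port) is rejected.
  if (url.protocol !== "https:" || url.origin !== originHeader) return null;
  const host = url.hostname;
  // Shared RP ID: exact match or a dot-delimited subdomain, never a bare
  // string-suffix match (which would accept "evil-rspace.online").
  if (host === SHARED_RP_ID || host.endsWith("." + SHARED_RP_ID)) {
    return SHARED_RP_ID;
  }
  // Every other r* app gets its own hostname as RP ID, but only if allowlisted.
  return ALLOWED_ORIGINS.has(url.origin) ? host : null;
}

// Hypothetical use of the per-credential rp_id column: a credential is only
// offered to the origin whose resolved RP ID it was registered under.
function credentialUsableFrom(credential, originHeader) {
  const rpId = resolveRpIdExample(originHeader);
  return rpId !== null && credential.rp_id === rpId;
}
```
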
Forget (F): Soft-delete shapes — close button sets forgotten:true in
Automerge doc instead of removing. Memory panel (toolbar toggle) lets
users browse and Remember forgotten shapes. Server-side forgetShape()
and rememberShape() with WebSocket handlers.
Update (U): New public updateShape(id, fields) method on CommunitySync
for programmatic field updates. Existing auto-capture unchanged.
New (N): Renamed all create/add vocabulary to new — toolbar buttons,
event names (new-shape, shape-new, shape-removed), internal functions
(newShape, newShapeElement).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Rewrote auth flow to go through EncryptID server instead of
client-side unsigned JWTs. Fixes "Invalid or expired authentication
token" on space creation, and shows username in header.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The RP ID jeffemmett.com caused "relying party ID is not a registrable
domain suffix" errors on *.rspace.online subdomains. Related Origins
also exceeded the 5 eTLD+1 browser limit with 18+ domains listed.
Now rspace.online is the RP ID, so all *.rspace.online subdomains
(including cca.rspace.online) are valid automatically. The Related
Origins file only lists non-rspace.online r* ecosystem domains.
Also points rspace-header auth URL to auth.rspace.online.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
cca.rspace.online/campaign/demo now loads the campaign-demo community.
Path segments are joined with hyphens to derive the slug. Subdomain
acts as a brand namespace; root path still loads the subdomain slug.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Server-side clock broadcasting time signals via Event Bus for shapes
to subscribe to periodic events (tick, hourly, daily).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New feature card in hero grid and a dedicated section explaining
local IndexedDB persistence, Automerge auto-merge, and incremental
sync. Matches the existing visual style with pillars and identity cards.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
rSpace apps now work fully offline. Automerge documents and sync state
persist to IndexedDB, enabling instant load from cache, offline editing,
and automatic incremental merge on reconnect. A Service Worker caches
the app shell (HTML/JS/WASM) for loading without network.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Inject rdata.online/collect.js tracking script in layout
- Add rData link to ecosystem footer
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Three new canvas shapes for small-group decisions:
- folk-choice-vote: live polling with plurality, approval, and quadratic voting modes
- folk-choice-rank: drag-to-reorder with Borda count and instant-runoff aggregation
- folk-choice-spider: multi-criteria scoring with SVG radar chart, per-user polygon overlays, and weighted mean aggregation
All sync via rSpace's existing Automerge CRDT infrastructure.
Aggregation algorithms are exported as pure functions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Traefik routes auth.rspace.online (priority 150) with encryptid.jeffemmett.com
fallback. Landing page rebranded as rStack Identity with rStack.online ecosystem
tagline. Registration form now includes optional email for account recovery.
JWT issuer and recovery URL updated. 14 r* apps listed.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace marketing-only landing page with a functional auth page that
lets users register and sign in with passkeys. Shows profile view
after login with DID, passkey list, session info, and recovery email
setup. Still includes feature descriptions and r-suite app links.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add Traefik priority=200 and service assignment to encryptid-wellknown
router so it wins over canvas-website/personal-site for the
/.well-known/webauthn path on jeffemmett.com. Add missing origins
(rpubs.online, shop.mycofi.earth, canvas/press/cart.jeffemmett.com)
to the allowed origins list.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
SSO token relay, membership endpoints, SpaceRole bridges, and
bidirectional sync all implemented. AC #6 and #7 checked.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds space_members table and CRUD endpoints to EncryptID server for
centralized membership management. Extends Automerge CommunityDoc with
members map and PATCH endpoint for module→canvas shape updates.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Mark task-19 acceptance criteria complete, add notes on header
re-render fix, Docker build fix, and auto-deploy setup.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The parent-directory build context was blocked by a sibling project's
.dockerignore. Switch to using the repo root as context and pull
encryptid-sdk via Docker's additional_contexts feature.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When a user authenticates through the community creation form (via
requireAuth), the header bar now re-renders to show the logged-in
state instead of still displaying the Sign In button.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds a persistent header bar with sign-in/sign-up across landing and canvas
pages. The "Create Community Space" form now requires EncryptID authentication,
showing a passkey auth modal if the user isn't signed in. Auth tokens are sent
with the community creation API call. EncryptID WebAuthn modules are lazy-loaded
only when auth is triggered.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Require DATABASE_URL and JWT_SECRET via env vars instead of falling back
to hardcoded defaults. Removes insecure fallback passwords from compose
file as well. Production was already using strong .env secrets.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implements BFT-CRDT token infrastructure as FolkShape components that
live in the existing Automerge document — no new server or database needed.
Admins can create token types (mint) and issue them to participants by
DID or email (ledger), with real-time sync across all connected peers.
- folk-token-mint: token definition (name, symbol, supply, color, icon)
- folk-token-ledger: distribution tracker with issuance form, email escrow
- Canvas toolbar "Token" button creates mint+ledger+arrow pair
- Demo seeds: GOV (equal governance) and CRED (contribution credits)
- community-sync: remote property updates for both token shapes
- EncryptID: add rTube, rStack to allowed origins and landing page
- rSpace landing page: add EncryptID and interoperability sections
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add lightweight JSON WebSocket protocol (?mode=json) that bridges
Automerge to JSON for demo pages, avoiding the ~500KB Automerge bundle.
Includes GET /api/communities/:slug/shapes endpoint, POST demo reset
with rate limiting, Alpine Explorer 2026 seed data (~40 shapes), and
the useDemoSync React hook for real-time demo page connectivity.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix CSS position:absolute missing for 5 trip planning shapes
- Expand arrow connection mode to all 21 shape types (was only 2)
- Center new shapes in viewport instead of clustering top-left
- Extract createAndAddShape() utility, eliminating ~270 lines of duplication
- Add missing Google Item toolbar button
- Add error handling on remote shape creation (try-catch-finally)
- Implement actual WebSocket keep-alive ping (was a no-op)
- Use shape.toJSON() in sync layer to capture all shape properties (was only 3 types)
- Add index signature to ShapeData for arbitrary shape-specific properties
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Build context changed to parent directory so the encryptid-sdk
(referenced as file:../encryptid-sdk) is accessible during build.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Allows trusted internal services (e.g. rnotes) to push shapes
without EncryptID auth by passing X-Internal-Key header.
Key is set via INTERNAL_API_KEY env var.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
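
An added example, not the project's middleware: a check for the X-Internal-Key header described above that fails closed when INTERNAL_API_KEY is unset and compares in constant time. The function name, the 32-character minimum and the plain-object header shape (lower-cased names, as Node's http module provides) are assumptions.

```javascript
const { createHash, timingSafeEqual } = require("node:crypto");

// Assumed policy for this sketch: a key shorter than this disables the bypass.
const MIN_KEY_LENGTH = 32;

// Hypothetical helper. `expectedKey` would be process.env.INTERNAL_API_KEY,
// passed in explicitly so the check can be exercised without touching the env.
function isTrustedInternalRequest(headers, expectedKey) {
  // Fail closed: with no key (or a weak one) configured, nothing may skip
  // EncryptID auth. This also stops "" or "undefined" from ever matching.
  if (typeof expectedKey !== "string" || expectedKey.length < MIN_KEY_LENGTH) {
    return false;
  }
  const presented = headers["x-internal-key"];
  if (typeof presented !== "string") return false; // header absent
  // Hash both sides so the buffers have equal length (timingSafeEqual
  // throws on a length mismatch), then compare without an early exit.
  const a = createHash("sha256").update(presented).digest();
  const b = createHash("sha256").update(expectedKey).digest();
  return timingSafeEqual(a, b);
}
```
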
- Fix duplicate property in addShapes object literal
- Exclude src/encryptid/ from tsc (pre-existing errors, separate module)
- Add ambient type declaration for @encryptid/sdk/server
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Use parent context (context: ..) so the SDK at file:../encryptid-sdk
resolves correctly during Docker build. Same pattern as rnotes-online.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Enables external apps (e.g. rNotes) to push shapes to a canvas via REST API.
Shapes are added in a single Automerge change and broadcast to connected
WebSocket clients for real-time sync.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add rnotes.online, rfunds.online, rtrips.online, rnetwork.online to
allowedOrigins for cross-r* authentication support.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New folk-* web components for collaborative trip planning:
- folk-itinerary: timeline with day grouping and category icons
- folk-destination: location card with editable notes
- folk-budget: expense tracker with progress bar
- folk-packing-list: collaborative checklist with progress
- folk-booking: booking card with type/status badges
Also adds postMessage broadcasting in community-sync for iframe
embedding in rtrips.online, and toolbar buttons in canvas.html.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Protect POST /api/communities, GET /api/communities/:slug, and WebSocket
upgrade with token verification. Add visibility (public/public_read/
authenticated/members_only) and ownerDID to community metadata. Block
writes from read-only connections.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace in-memory Maps with persistent PostgreSQL storage:
- Add db.ts with typed query functions for users, credentials, challenges
- Add schema.sql with users/credentials/challenges tables
- Update server.ts to use async DB queries
- Add postgres service to docker-compose
- Health endpoint now reports database connectivity
- Auto-cleanup of expired challenges every 10 minutes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add global AbortController for conditional UI requests
- Call abortConditionalUI() at start of registerPasskey and authenticatePasskey
- Export abortConditionalUI from index for manual use if needed
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>